Target Audiences In Cyber Security

Every blog author should ask themselves at some point, who is the target audience for this blog post, website, or tool? Digital Operatives started out as a niche cyber-security company doing advanced research and development somewhat before the term “cyber” had even become part of the public’s vernacular. Digital Operatives first target audience for its website was its potential customers. Over the years we’ve had many customers, but our target audience was fairly niche. We hoped to entice our customers to do business with us because we were “ahead”. Interestingly, I don’t really remember a single “paying customer” who was drawn to us because of our blog or website. Perhaps there is a lesson in there or perhaps its because we misjudged our target audience.

The cyber-security market over Digital Operatives’ relatively long existence has evolved significantly. There are many so-called cyber-security companies, and especially in the DC area. Each of those businesses’ target audience I’m sure was carefully crafted by their founders based on a perceived market need for their potential products or services. When I started Digital Operatives, I had no idea what I wanted it to become. I just wanted to do interesting work that had a meaningful impact on society. While not everything we do is public, I think we’ve had the impact I initially desired, and perhaps then some.

The question is, can we do more, and how do we do it? A question that will help us along the right path to scaling our work, I think, is: Who is Digital Operatives’ target audience?

Is it cyber security professionals?

Thousands of people have downloaded the code from our Cyber Fast Track project called PAINT (Process Attribution In Network Traffic) since we put it up on our website. There has been scant evidence that releasing PAINT has done much to start the conversation with potential customers. Only one company has even inquired about a commercial license to PAINT in the 6 years or so that it has been online. While thousands of people downloaded it, I doubt many people would help pay for its continued development. On another note, as popular as the tool was amongst various government and military folks during the Cyber Fast Track conferences (so I heard), absolutely ZERO government customers showed interest in its continued development. All that being said and on a separate note, there is much I want to do personally with PAINT, which is why I open sourced it. Stay tuned to our Digital Operatives Github Page for updates.

To be clear, I do think there is value in engaging with cyber security professionals. I think it’s an important step in developing a relationship with the community. Many of those professionals work in industry and government and are potentially our first lead-in with a big customer. If we are going to have further success in scaling our “offering” to other customers, we have to get more introductions, perhaps by releasing more products and research over time, and especially for cyber security professionals.

Is it for decision makers?

So we got the introduction and the meeting setup with the CISO through our blue-team “friend” who used PAINT on a recent engagement. What content do we have available on our website to encourage the decision makers to engage with Digital Operatives as opposed to feeling like they’d be wasting their time? Have we carefully considered what itches industry CISOs need scratched? Have we spelled it out in clear detail? Are we expecting our blue-team “friend” to close the deal or is there something that ONLY we can do because of product X or person Y that we have on staff? We’ve nearly always been a service company, not a product company, but we have to do both in order to expand our offering. In the past, we set ourselves up to be Subject Matter Experts. We have been the team you want to engage when you need creativity to solve your problems, not a one size fits all box to put in your datacenter. Perhaps we’ve missed the boat on the “sell you a box” opportunity. My plan is to do better here. In fact, I have a goal to release some of the exciting AI capabilities we developed on FUSION to the public soon. Perhaps this will spur more meaningful conversations with interested CISOs who are looking for the latest and very creative ways to hunt cyber threats on their systems. Further, I’d like to meaningfully redesign our public presence to appeal to the decision makers. We are working on many solutions that may just be “one size fits all” capabilities that present decision makers with an actual easy button.

Who else should be our target audience?

We’ll continue to attempt to present unique perspectives on our blog for government program managers, academics, enthusiasts, professionals, private individuals, executives, lawyers, etc. We’ll have to be careful to direct eyes appropriately based on the needs and concerns of each person respectively. There are some really good ways to do this that are conducive to starting conversations. That’s what we are hoping for, to start a conversation. We’re a small outfit, but we can do more to help the community, and we are looking to do just that.